Of the many changes brought by the digital age to the commercial landscape, one that is overlooked is the act of executing a contract. The days of wet-ink signing ceremonies in boardrooms are on the way out, while clicking a computer mouse a few times is fast becoming the norm. This can lead to situations that will make any company director uneasy.
Williams Group Australia v Crocker
A software system HelloFax enables users to upload their digital signatures to a document if the correct password and username are entered. Director A of a building company sets up usernames and passwords for Directors B and C. The passwords are not changed. Down the track, Director A uses these passwords to execute an application for credit not only in their name but also in the names of Directors B and C. Director A also executes personal guarantees bearing the digital signatures of all the directors. A lending company approves this credit application, and over time a $889,534.35 debt is accrued.
Eventually, the lending company claims the debt from the building company, and from the directors personally. Director C learns that they are being personally sued for hundreds of thousands of dollars.
Of course this was a real case: Williams Group Australia v Crocker  NSWCA 265. One of the parties was going to be left up the proverbial creek without a paddle. If the contract was void then Williams Group Australia’s debts were lost. If the contract was valid, then the innocent director Mr Crocker was going to foot the substantial bill for a contract he didn’t sign.
Digital signatures made basic questions difficult. As Crocker said in evidence: “Well it’s difficult when you’re presented with … your signature that’s electronic to know whether you did or didn’t [sign it]”.
Ultimately Crocker won, as he had not represented that his co-director had authority to sign on his own behalf. Had it been he who set up the signature software, however, it might have been different. And the substantial legal bills undoubtedly soured the victory. A warning shot was fired for all users of digital signatures.
Digital signatures and electronic signatures: some basics
Some quick definitions:
- Electronic signatures are essentially like traditional handwritten signatures but in electronic form: typing a name into an email, or pasting an image of a signature.
- Digital signatures use a code attached to an electronic document that identifies and authenticates the signatory. Adobe Sign for PDF files is one example. One party has a ‘private key’, which enables them (and only them) to sign a document. The other another party has a ‘public key’ enabling them to see the signature, but which does not let them edit the signature.
In both types of signature, if a witness is required, they must be present to witness the authentication.
What risks do electronic executions open a company up to?
Of course, there are enormous benefits brought by the rise of digital and electronic signatures. The software keeps a record of who signs and when. They are efficient: signatories don’t need to leave their office, and can almost instantaneously do business with parties on the other side of the globe. However, this rise also brings added complexities.
Two of which must be considered by businesspeople.
- Unauthorised use of the signature, or forgery, is now quite easy. Directors must beware of colleagues or fraudulent third parties taking their signature or the digital key. Even though forgery is illegal and renders a contract void, it creates huge problems, especially if the fraudulent party has disappeared with the money. Also, it won’t be forgery where a superior has given a subordinate authority to use the digital signature software; working out whether this has happened is not always easy.
- On the other side of the coin, a person may intend to sign a contract, but if the electronic execution is not done according to law, a contract may be deemed unenforceable and the other party can escape its obligations.
The law tries to find a line between a desire for commercial convenience and the desire to prevent forgery. It pays, sometimes in the hundreds of thousands, for signatories to be aware of the law around electronic execution.
A contract is void if the signature is forged, so that it is as if the contract never existed. However, this is no consolation if the forger has disappeared.
So how do I digitally execute my contract properly?
Very generally, the law’s position is not totally different for digital execution as for physical wet-ink execution. Contract law remains the same at its core: there must be an intention shown to make an offer and to accept that offer.
Having said this, there is no short answer to this question. Certain types of contracts, such as for sale of land or for giving someone else your right to sue, have particular requirements and electronic execution might not suffice. Statutes will have different definitions of signature.
Australian governments foresaw the issue of electronic execution at the turn of the century. They enacted the Electronic Transactions Act 1999 (Cth) and the Electronic Transactions Act 2000 (NSW).
These Acts make it clear a transaction, including a contract, is not invalid just because a signature was made electronically. Additionally, if an Act requires someone to give information in writing, this is satisfied by electronic communication so long as this communication is readily accessible and the other person consents to electronic communication.
To meet the requirements of signature by electronic means:
- A method must be used to identify the signing party and to indicate the person’s intention;
- This method must be as reliable as appropriate for the purpose for which the electronic communication was generated; and
- The other party must consent to the use of electronic means to sign a document.Where the signatory is someone acting on behalf of someone else, e.g. an employee for a corporation:
- The signing person must have authority to bind the principal.
The cases confirm this story. Generally, a person must put their name or mark to a document, and the important part is that they must do this ‘for the purpose of adopting or authenticating the document’. In some contexts, a typed first name at the end of an email suffices to create legal relations between the receiver and the sender.
Businesspeople should be very cautious in relation to witnesses to signatures, as attestation is not apparently protected under these Acts. It is assumed electronic attestation is permitted under law, but this has not been demonstrated yet.
The fourth element: binding a principal
As (4) indicates above, the situation is further complicated for companies or other principals and their agents. The person signing a document must have some form of authority to do sign on the principal’s behalf.
This authority must come from the company. Always the safest form of authority is express actual authority: the company should inform the other party in writing that the agent has the authority to use the electronic signature.
A company may also give the person ostensible authority, such as by providing them a certain title, status and facilities. Common practice is for businesses to put in place an organisational structure that gives the appearance to outsiders that an officer has the authority to bind the principal. For example:
- Giving an officer the title ‘Manager’ and providing letterheads and business cards gives ostensible authority to the officer.
- Significant prior dealings in which a person acted on behalf of the company, to its apparent acceptance
In Williams Group Australia v Crocker, if the director Crocker had made some representation that his co-director had authority to sign on his behalf, then he could well have been bound. This ostensible authority might have arisen if Crocker had set up the electronic signature system himself. He was saved by the fact that his co-director had set up the system.
Crocker was also saved by the fact that email notifications that came with use of his digital signature were not detailed enough to inform him of the full circumstances of his signature being used by his co-director. Had they fully informed him of the circumstances and had he done nothing, he may have ‘ratified’ the signature and beared the costs.
The court did not resolve the question of whether a ‘genuine’ electronic signature made without authority is forgery, but hinted that it might be.
The story is not happy for any of the parties. Crocker was still put through the ordeal of expensive legal proceedings. Williams Group Australia faced huge losses.
The case shows that in the digital age, training and rigorous checks and balances are more important than ever in ensuring that employees understand how their signatures are used and who has authority to use them.
And there is no substitute for open communication between the two parties about who has authority and how they will exercise it.